100 episodes

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

Risky Business Patrick Gray

    • News
    • 4.8 • 77 Ratings

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

    Risky Business #740 -- Midnight Blizzard's Microsoft hack isn't over

    Risky Business #740 -- Midnight Blizzard's Microsoft hack isn't over

    On this week’s show Patrick and Adam discuss the week’s security news, including:


    Weather forecast in Redmond is still for blizzards at midnight
    Maybe Change Healthcare wasn’t just crying nation-state wolf
    Hackers abuse e-prescription systems to sell drugs
    CISA goes above and beyond to relate to its constituency by getting its Ivantis owned
    VMware drinks from the Tianfu Cup
    Much, much more


    This week’s feature guest is John P Carlin. He was principal associate deputy attorney general under Deputy Attorney General Lisa Monaco for about 18 months in 2021 and 2022, and also served as Robert Mueller’s chief of staff when he was FBI director.

    John is joining us this week to talk about all things SEC. He wrote the recent Amicus Brief that says the SEC needs to be careful in its action against Solarwinds. He’ll also be talking to us more generally about these new SEC disclosure requirements, which are in full swing.

    Rad founder Jimmy Mesta will along in this week’s sponsor segment to talk about some really interesting work they’ve done in baselining cloud workloads. It’s the sort of thing that sounds simple that really, really isn’t.

    Risky Business #739 -- ALPHV exit scams while Change Healthcare burns

    Risky Business #739 -- ALPHV exit scams while Change Healthcare burns

    In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:


    The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response
    Predator spyware maker getting a stern sanctioning
    A German military WebEx meeting gets snooped
    Mem-corrpution is still king
    And much, much more


    In this week’s sponsor interview Patrick Gray speaks to Karl McGuinness, Okta’s chief architect, about some new security improvements they’ve built into their IDP.

    Risky Business #738 -- LockBit is down but not out. Yet.

    Risky Business #738 -- LockBit is down but not out. Yet.

    In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:


    LockBit gets back up after takedown
    Russia arrests Medibank hacker… for something else
    ConnectWise gives out free updates, but customers aren’t happy
    Microsoft gives in to demands for more logs
    Sandvine gets entity-listed
    And much much more.


    Dmitri Alperovitch also joins the show to discuss Starlink, Starshield and a row with Congress about its availability in Taiwan.

    In this week’s sponsor interview, Airlock Digital’s Daniel Schell talks about his adventures with WDAC, and Dave Cottingham predicts Windows 12 will go all in on signed code.

    Risky Business #737 -- LockBit gets absolutely rekt

    Risky Business #737 -- LockBit gets absolutely rekt

    In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:


    LockBit has been taken down by law enforcement
    Some mega-juicy leaks out of Chinese offsec/APT contractor I-SOON
    GRU gets its Moobot network shutdown
    Signal adding usernames is… complicated
    Much, much more


    In this week’s sponsor interview Devicie’s Tom Plant joins the show to talk about problems orgs run into when it comes to Windows policies. There’s an expectation out there that Windows policies are set and forget, but sadly, this is not so.

    Soap Box: A deep dive on how Russia's SVR is hacking Microsoft 365 tenants

    Soap Box: A deep dive on how Russia's SVR is hacking Microsoft 365 tenants

    The need to properly secure Entra ID tenants has been made pretty obvious this year thanks to a large-scale attack on them by Russia’s SVR intelligence agency. In this interview Andy Robbins from SpecterOps, the maker of Bloodhound Enterprise, talks through how he thinks those attacks actually went down, about how if you’re an o365 customer you’re using Entra ID whether you like it or not, and about how you can lock down your Entra ID tenant.

    Risky Business #736 -- Azure misconfigurations are 2024's looming threat

    Risky Business #736 -- Azure misconfigurations are 2024's looming threat

    In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:


    Somehow there are still more Ivanti and Fortinet exploits
    Volt Typhoon have been at it for years
    Starlink in Ukraine gets complicated
    Canadians hate poor Flipper
    Much, much more…


    In this week’s sponsor interview Feross Aboukhadijeh from Socket joins the show to talk about the sheer volume of malicious packages being committed to code repositories and why older SCA tools aren’t well equipped to deal with them.

Customer Reviews

4.8 out of 5
77 Ratings

77 Ratings

luk3w35t ,

Solid high protein security news. With humour.

Pat and Adam (plus guests) take the dry dry dry info-sec news, they inject thoughtful narrative and humour to make this a must listen. They have super in depth real world knowledge of the subject matter. They don’t pull punches but they deliver a weekly report which contains all the relevant info I need. Easily the best regular podcast about information Security news.

mikeyjck ,

No BS Infosec News

Zero BS and great analysis

OpHandle ,

Straight to the point

Not filled with ads or mindless ranting. Straight to the point and up to date content, with just the right amount of discussion.

Well done everyone, you make my Wednesdays (Thursdays) something to look forward to!

Top Podcasts In News

The Rest Is Politics
Goalhanger Podcasts
Black Box
The Guardian
The News Agents
Global
Electoral Dysfunction
Sky News
Leading
Goalhanger Podcasts
Newscast
BBC News

You Might Also Like

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
Smashing Security
Graham Cluley & Carole Theriault
Malicious Life
Malicious Life
CyberWire Daily
N2K Networks
Darknet Diaries
Jack Rhysider
Click Here
Recorded Future News